Vigilance—essential to a strong risk culture

Successful risk management requires an organizational culture that encourages and reinforces good risk management decisions throughout the company.

Easily said.

Building such a culture is hard work. Cultural change—a real shift in attitude—is not produced from thin air by occasional pep talks or by posting colorful motivational posters in the company cafeteria. A strong risk culture emerges only after top management has committed the time, the resources, and the incentives to make it happen.

It is a management crusade, not a special project run by the HR department.

Build up your weak points

But what does a strong risk culture look like and how do you build one?

In a prior blog post I asserted that a strong risk culture has observable attributes that foster better risk decisions. If some of these attributes are weak, there are specific, pragmatic steps you can take to strengthen them.

These attributes are:

• Vigilance—Being alert to emerging threats and opportunities.

• Agility—Deciding and acting in time.

• Collaboration—Being able to work together effectively on risk issues.

• Communication—Sharing information and ideas about risks.

• Discipline—Knowing and doing what is right from a risk perspective

• Talent—Attracting and motivating people who have the necessary risk knowledge and skills.

And yes, you should pay attention to the trade press, the internal rumor mill, and to the anecdotes that flow in from employees, management consultants, investment bankers, directors, important investors, and customers.

But if that is all you do, your intelligence is likely to be average quality, at best, and it will provide no competitive edge in identifying emerging opportunities and threats.

You need to be one step ahead of your competitors.

And you must avoid unnecessary surprises.

Avoiding key pitfall of risk intelligence

One big problem with the usual sources of intelligence is bias.

Because of the way the information is gathered and evaluated, management may draw conclusions that are way off the mark.

There are many sources of bias: taking too narrow a view of how the company may affected by a changing business environment; being myopic about longer-run scenarios; being complacent about potential threats; looking for confirmation of one’s pre-existing beliefs and rejecting contrary views; relying too heavily on advisors with an axe to grind… the list is long.

There is no way to completely eliminate bias in the decision-making process, but there are ways to reduce it substantially. For example:

1.Actively seek out diverse sources of credible intelligence that are truly independent. Be wary of advisors with an axe to grind.

Look to independent think tanks and research firms, academics, prominent business leaders that are not your competitors or customers, and so on.

Cast a wide net to include many differing disciplines and points of view.

Make sure to include some qualified advisors whose views you may not find congenial.

Dan Borge is the author of The Book of Risk and a consultant on strategy and risk management. He was the principal architect of the first enterprise risk management system, RAROC (Risk Adjusted Return On Capital), at Bankers Trust, where he was head of strategic planning and a senior managing director. Prior to his banking career, he was an aerospace engineer at The Boeing Company. You can also read a review of The Book of Risk here, "A Risk Management Book That Doesn't Make You Snore."